A Windows 11 laptop repeatedly displays pop-up messages claiming the system is infected with several viruses and urging the user to click a link to fix the problem. The technician has confirmed the alerts do not come from any legitimate security product. According to CompTIA's malware-removal best-practice order, which action should the technician take FIRST after verifying these symptoms?
Uninstall any applications that appear to be rogue antivirus tools.
Update and run a reputable anti-malware scanner.
Disconnect the laptop from all wired and wireless networks to quarantine it.
After symptoms are confirmed, the next step in CompTIA's malware-removal process is to quarantine the affected device so the suspected malware cannot spread to other hosts. Disconnecting all network adapters (wired and wireless) accomplishes this. Disabling System Restore, updating and running anti-malware scans, or uninstalling rogue programs occur later in the remediation sequence.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is disconnecting from networks the first step in malware removal?
Open an interactive chat with Bash
What is System Restore, and why is it not disabled first?
Open an interactive chat with Bash
What happens after quarantining the device in the malware-removal process?